Richard Bejtlich's blog on digital security, strategic thought, and military history.

Sunday, January 06, 2008

No More Tiger Team?

You may have already heard about Tiger Team on the former Court TV (now TruTV, but I finally watched both episodes this weekend on my TiVo. I liked the "WWJD40D", "Core Impact", and "I am an Infosec Sellout" T-shirts. I especially liked the injection of time-based security into the jewelry heist scenario, where the tiger team was slowed by 15 minutes because they tried brute-forcing a keypad lock.

I contacted several PR reps at TruTV and asked about Tiger Team's future. One of them wrote back:

25 comments:

Anonymous
said...

Agreed, it's a neat show. But you have to consider, how many companies are willing to show how vulnerable they were found to be?

Also, it left me wondering just how far they go to restore security once they've succeeded in breaking it. For instance, once they break in and cut the phone line to the alarm, do they bother to repair it before they leave? Or do they just hope no one happens to rob the joint the same night they do?

There was a similar show, To Catch a Thief, I believe it was called. Those guys had a segment that after they broke in, they installed higher tech and better systems and then tried to break in again.I have not seen Tiger team yet, but I can't imagine that it wouldn't be similar, in at least fixing what they broke and making suggestions for better.

The team is shown making a few recommendations at the end of the episode featuring the luxury car dealership. The amount of time for that aspect was small, which makes sense since it probably is not as interesting to viewers.

i enjoyed it, even if it *is* sensationalist bullshit, it's enjoyable sensationalist bullshit.by bullshit im refferring to them thinking pen testing is this AMAZING idea and that they all are l33t hAx0rs etc, and that it is so simple ur mum could do it.but it is funi hope they reconsider, or simply sell it to a uk network so i can watch it at home.-if you listen to the interviews they guys hint they have made the series.

i watched both episodes and i loved each. it's a great show and amazingly theres only 3 people behind it. All thats really needed is 2 cameras and to follow around the smart tiger team, with all the series airing on CourtTV/truTV i don't see how they could pass this one up. I seriously hope someone else picks up tiger team its a great show.

I watched both episodes on CourtTV/TruTV when they originally aired. As an instructor for a school that teaches IT security, I was recommending it to all the students, just to show how easy Social Engineering can be.

I really hope they bring it back, as it was very relevant to today's security needs.

i was a cameraman for the show, and let me tell you, this show is as much fun to produce as it is to watch on tv. the guys are really amazing at what they do, and i the rush of basically being a legal criminal is out of this world....i hope they bring it back too!!! thanks for all the support. keep writing the network, it helps!

I haven't watched all of it, but i saw some shot at TRUTV site and i was like i need the whole series. Now it canceled, its too early to even cancel. Anybody who can upload for me at Rapidshare or filefactory i download.

I agree that is a great show. As far as the comment about the trill of being a "legal criminal". I have done security, and retail loss prevention for a dozen years. Part of the time was for a major art museum. I have stolen a Rembrant, Van Gohn, and Picasso. My father used to tell his freinds that his son was the best fine art theif in Indianapolis. I have also shoplifted thousands of dollars worth of merchandise in the course of my employment. Maybe I should pitch one of these ideas to TruTV.

I emailed TruTV to reco they keep the show on. I'd suggest you all do the same if you really liked it. But of course you do bring up good points with companies not wanting others to know how vulnerable they are.

Chris gave a keynote at a conference I attended and told us all about an airport the team was called into assess. No airport name was given, but how they breached security (completely) was fascinating. Valuable lessons we can all learn from.

Ryan, one of the members of the team, is a friend of mine. I haven't talked to him since before the episodes aired, but there was concern that the show would compromise their ability to do their actual jobs, which are exactly what you see on the show. It's pretty hard to do a physical pen test when you're on TV.

This show was canceled because in the Jewelry episode when they tripped the alarm, they set off a frequency blocker to disrupt it. The SEC had major problems because something of this nature can disrupt police, fire, etc channels.